Rename flag to NewBundleFormat for consistency

Signed-off-by: Cody Soyland <codysoyland@github.com>

cmd/cosign/cli/options/certificate.go

@@ -38,7 +38,7 @@ type CertVerifyOptions struct {
 	CertChain                    string
 	SCT                          string
 	IgnoreSCT                    bool
-	ExpectSigstoreBundle         bool
+	NewBundleFormat              bool
 	TrustedRootPath              string
 }
 
@@ -106,7 +106,7 @@ func (o *CertVerifyOptions) AddFlags(cmd *cobra.Command) {
 		"when set, verification will not check that a certificate contains an embedded SCT, a proof of "+
 			"inclusion in a certificate transparency log")
 	cmd.Flags().StringVar(&o.TrustedRootPath, "trusted-root", "", "Path to a Sigstore TrustedRoot JSON file.")
-	cmd.Flags().BoolVar(&o.ExpectSigstoreBundle, "expect-sigstore-bundle", false, "expect the signature/attestation to be packaged in a Sigstore bundle")
+	cmd.Flags().BoolVar(&o.NewBundleFormat, "new-bundle-format", false, "expect the signature/attestation to be packaged in a Sigstore bundle")
 }
 
 func (o *CertVerifyOptions) Identities() ([]cosign.Identity, error) {

cmd/cosign/cli/verify/verify.go

@@ -146,7 +146,7 @@ func (c *VerifyCommand) Exec(ctx context.Context, images []string) (err error) {
 		UseSignedTimestamps:          c.UseSignedTimestamps,
 		MaxWorkers:                   c.MaxWorkers,
 		ExperimentalOCI11:            c.ExperimentalOCI11,
-		ExpectSigstoreBundle:         c.ExpectSigstoreBundle,
+		NewBundleFormat:              c.NewBundleFormat,
 	}
 
 	if c.TrustedRootPath != "" {

cmd/cosign/cli/verify/verify_attestation.go

@@ -121,27 +121,27 @@ func (c *VerifyAttestationCommand) Exec(ctx context.Context, images []string) (e
 		IgnoreTlog:                   c.IgnoreTlog,
 		UseSignedTimestamps:          c.UseSignedTimestamps,
 		MaxWorkers:                   c.MaxWorkers,
-		ExpectSigstoreBundle:         c.ExpectSigstoreBundle,
+		NewBundleFormat:              c.NewBundleFormat,
 	}
 	if c.CheckClaims {
 		co.ClaimVerifier = cosign.IntotoSubjectClaimVerifier
 	}
 
-	if c.ExpectSigstoreBundle {
+	if c.NewBundleFormat {
 		if err = checkSigstoreBundleUnsupportedOptions(c); err != nil {
 			return err
 		}
 	}
 
 	// Ignore Signed Certificate Timestamp if the flag is set or a key is provided
-	if shouldVerifySCT(c.IgnoreSCT, c.KeyRef, c.Sk) && !c.ExpectSigstoreBundle {
+	if shouldVerifySCT(c.IgnoreSCT, c.KeyRef, c.Sk) && !c.NewBundleFormat {
 		co.CTLogPubKeys, err = cosign.GetCTLogPubs(ctx)
 		if err != nil {
 			return fmt.Errorf("getting ctlog public keys: %w", err)
 		}
 	}
 
-	if c.TSACertChainPath != "" || c.UseSignedTimestamps && !c.ExpectSigstoreBundle {
+	if c.TSACertChainPath != "" || c.UseSignedTimestamps && !c.NewBundleFormat {
 		tsaCertificates, err := c.loadTSACertificates(ctx)
 		if err != nil {
 			return fmt.Errorf("unable to load TSA certificates: %w", err)
@@ -151,7 +151,7 @@ func (c *VerifyAttestationCommand) Exec(ctx context.Context, images []string) (e
 		co.TSAIntermediateCertificates = tsaCertificates.IntermediateCerts
 	}
 
-	if !c.IgnoreTlog && !co.ExpectSigstoreBundle {
+	if !c.IgnoreTlog && !co.NewBundleFormat {
 		if c.RekorURL != "" {
 			rekorClient, err := rekor.NewClient(c.RekorURL)
 			if err != nil {
@@ -197,7 +197,7 @@ func (c *VerifyAttestationCommand) Exec(ctx context.Context, images []string) (e
 			return fmt.Errorf("initializing piv token verifier: %w", err)
 		}
 	case c.CertRef != "":
-		if c.ExpectSigstoreBundle {
+		if c.NewBundleFormat {
 			// This shouldn't happen because we already checked for this above in checkSigstoreBundleUnsupportedOptions
 			return fmt.Errorf("unsupported: certificate reference currently not supported with --expect-sigstore-bundle")
 		}
@@ -238,7 +238,7 @@ func (c *VerifyAttestationCommand) Exec(ctx context.Context, images []string) (e
 			co.SCT = sct
 		}
 	case c.TrustedRootPath != "":
-		if !c.ExpectSigstoreBundle {
+		if !c.NewBundleFormat {
 			return fmt.Errorf("unsupported: trusted root path currently only supported with --expect-sigstore-bundle")
 		}
 

pkg/cosign/verify.go

@@ -174,10 +174,10 @@ type CheckOpts struct {
 	// Defaults to false.
 	ExperimentalOCI11 bool
 
-	ExpectSigstoreBundle bool
+	NewBundleFormat bool
 
 	// TrustedMaterial is the trusted material to use for verification.
-	// Currently, this is only applicable when ExpectSigstoreBundle is true.
+	// Currently, this is only applicable when NewBundleFormat is true.
 	TrustedMaterial root.TrustedMaterial
 
 	// TODO: Add these to replace above fields?
@@ -602,7 +602,7 @@ func VerifyImageSignatures(ctx context.Context, signedImgRef name.Reference, co
 		}
 	}
 
-	if co.ExpectSigstoreBundle {
+	if co.NewBundleFormat {
 		return nil, false, errors.New("bundle support for image signatures is not yet implemented")
 	}
 
@@ -994,7 +994,7 @@ func VerifyImageAttestations(ctx context.Context, signedImgRef name.Reference, c
 	if co.RootCerts == nil && co.SigVerifier == nil && co.TrustedMaterial == nil {
 		return nil, false, errors.New("one of verifier, root certs, or TrustedMaterial is required")
 	}
-	if co.ExpectSigstoreBundle {
+	if co.NewBundleFormat {
 		return verifyImageAttestationsSigstoreBundle(ctx, signedImgRef, co)
 	}
 

test/e2e_test.go

@@ -366,7 +366,7 @@ func attestVerify(t *testing.T, newBundleFormat bool, predicateType, attestation
 	}
 
 	if newBundleFormat {
-		verifyAttestation.ExpectSigstoreBundle = true
+		verifyAttestation.NewBundleFormat = true
 	}
 
 	// Fail case when using without type and policy flag